Soldato
- Joined
- 3 Jun 2005
- Posts
- 3,329
- Location
- The South
Hopefully this is in the right forum; but long story short, we're moving offices and as the previous IT company got given the boot (mixture of stupidly expensive vs. them bodging/not really doing a lot) and with me (software dev) being the only one in the office that knows anything IT, I’ve been punted into the seat of reconfiguring the network 
The current network/server situ looks like this -
It's a fairly straight forward setup, granted it currently has issues regarding redundancy/fall over situations, but personally I think it's a bit of a backwards setup created by the IT company with the SBS box (white box server, chugs a bit, could do with replacing at some point) having all those roles, DNS/DHCP (I know SBS likes to be the DHCP/DNS provider), yet not in a dual NIC setup ie: WWW -> Router/Firewall -> SBS -> Switch -> Client machines (eg: something like >this<).
I'm also not hugely convinced with the Cisco router as it has dropped connection a few times (very iffy in our current office), so I’m thinking of replacing that. Obviously wireless is dealt with by the Cisco and the SBS box deals with VPN, which I’ve been told is a bit of a no-no and should be handled by hardware where possible.
Before the questions, requirements - must have wireless access for business phones (and the odd laptop) although this isn't critical like the wired network; must have VPN access for remote access aka for when the MD goes on holiday and needs access to software/DBs; small business setup/no more than 5/6 client machines tops and as usual I have little to no budget to do anything with.
From what I’ve been told, the office building/complex (multiple businesses under one roof) has redundancies in place for power and internet; so that side of things should be taken care of.
Questions -
1) Regarding router/firewall replacement; I was thinking of either the Juniper SSG5 or SRX100 as I know a few people on here rave about them for small business installs (as well as Enterprise). Has anyone had experience setting up either using ScreenOS or Juno OS? Heard Juno OS is a bit of a mare of a learning curve compared to Screen OS although Juno is a lot more powerful. Otherwise something Dray Tek, like the 3300V+, although I’ve heard of a few people having serious issues with them and support is apparently dire. Anything Cisco is well out of budget.
2) Would I be better off leaving the network in the same configuration or moving the SBS box to a dual NIC setup? If it's dual NIC'd how would that effect VPN access, would it be better to give the router/firewall that role or leave the SBS box to deal with it?
3) I know you can get the SSG5 in a wireless version but that's over a £100 more than the standard SSG5; am I right i thinking I could just slap on a WAP (looking at a £20 TP-Link) to whatever router/firewall we get? In either the current configuration or a dual NIC SBS configuration, where is it best to place the WAP; off the router/firewall or the switch?
4) Another idea was to replace the server with a new SBS box (been looking at the HP Microserver), new Gb switch, remove the router/firewall completely and get SBS to do everything - wise idea or a bit silly and I SHOULD have a hardware firewall solution before the server? I have a feeling I already know this one
5) Anything else I’ve missed, should consider, over looked etc etc?
There is also an ongoing discussion regarding emails and whether or not we need an Exchange setup for so few people, but it is a mixture of what they've always used and me not finding a suitable hosted Exchange solution that meets our requirements with our budget and Google Apps is well out of the question as the MD thought it was "naff".
Cheers for any help :wave:
The current network/server situ looks like this -
It's a fairly straight forward setup, granted it currently has issues regarding redundancy/fall over situations, but personally I think it's a bit of a backwards setup created by the IT company with the SBS box (white box server, chugs a bit, could do with replacing at some point) having all those roles, DNS/DHCP (I know SBS likes to be the DHCP/DNS provider), yet not in a dual NIC setup ie: WWW -> Router/Firewall -> SBS -> Switch -> Client machines (eg: something like >this<).
I'm also not hugely convinced with the Cisco router as it has dropped connection a few times (very iffy in our current office), so I’m thinking of replacing that. Obviously wireless is dealt with by the Cisco and the SBS box deals with VPN, which I’ve been told is a bit of a no-no and should be handled by hardware where possible.
Before the questions, requirements - must have wireless access for business phones (and the odd laptop) although this isn't critical like the wired network; must have VPN access for remote access aka for when the MD goes on holiday and needs access to software/DBs; small business setup/no more than 5/6 client machines tops and as usual I have little to no budget to do anything with.
From what I’ve been told, the office building/complex (multiple businesses under one roof) has redundancies in place for power and internet; so that side of things should be taken care of.
Questions -
1) Regarding router/firewall replacement; I was thinking of either the Juniper SSG5 or SRX100 as I know a few people on here rave about them for small business installs (as well as Enterprise). Has anyone had experience setting up either using ScreenOS or Juno OS? Heard Juno OS is a bit of a mare of a learning curve compared to Screen OS although Juno is a lot more powerful. Otherwise something Dray Tek, like the 3300V+, although I’ve heard of a few people having serious issues with them and support is apparently dire. Anything Cisco is well out of budget.
2) Would I be better off leaving the network in the same configuration or moving the SBS box to a dual NIC setup? If it's dual NIC'd how would that effect VPN access, would it be better to give the router/firewall that role or leave the SBS box to deal with it?
3) I know you can get the SSG5 in a wireless version but that's over a £100 more than the standard SSG5; am I right i thinking I could just slap on a WAP (looking at a £20 TP-Link) to whatever router/firewall we get? In either the current configuration or a dual NIC SBS configuration, where is it best to place the WAP; off the router/firewall or the switch?
4) Another idea was to replace the server with a new SBS box (been looking at the HP Microserver), new Gb switch, remove the router/firewall completely and get SBS to do everything - wise idea or a bit silly and I SHOULD have a hardware firewall solution before the server? I have a feeling I already know this one
5) Anything else I’ve missed, should consider, over looked etc etc?
There is also an ongoing discussion regarding emails and whether or not we need an Exchange setup for so few people, but it is a mixture of what they've always used and me not finding a suitable hosted Exchange solution that meets our requirements with our budget and Google Apps is well out of the question as the MD thought it was "naff".
Cheers for any help :wave:
Last edited:
